1
martyras
Site hacked!
  • 2005/8/10 18:34

  • martyras

  • Just popping in

  • Posts: 37

  • Since: 2004/11/1


Hello guys.

Our site has been hacked and we wanted to know what exploit did they used to manage this.

Check here: [*link removed by request from the webmaster - herko*]

Massaged displayed instead of the last 10 news.

Xoops version we use 2.0.7.3.

Thank you for your time.

2
hyperpod
Re: Site hacked!
  • 2005/8/10 18:47

  • hyperpod

  • Quite a regular

  • Posts: 359

  • Since: 2004/10/4


Well, without any details, it looks like they hacked your server.. not xoops, but this is just a guess...

Also, why dont you ask them? they left their email address for you.


Best Regards,
Daniel Hall / XOOPS Module Development & Theme Design
Free XOOPS Support > My Wish List

3
martyras
Re: Site hacked!
  • 2005/8/10 18:57

  • martyras

  • Just popping in

  • Posts: 37

  • Since: 2004/11/1


What details do you need to identify if it's from server or xoops?

4
hyperpod
Re: Site hacked!
  • 2005/8/10 19:09

  • hyperpod

  • Quite a regular

  • Posts: 359

  • Since: 2004/10/4


Well, number one, until you can identify the exact eploit such as using your access_logs, then you cannot assume that XOOPS is the problem.

You need to look at the access logs around the time your site was hacked.

Also, if you do assume, then assume your server was hacked, not XOOPS.

Once they hack your server, then they can edit stuff like your XOOPS site, but this doesnt mean they got in through XOOPS.


Also, if you are worried about security, then you really need to keep up with the latest version of XOOPS.

At this point, if they did get in through XOOPS, then it would be your fault, for not running the latest stable version (XOOPS 2.0.13a)


Who runs your server? Whats OS is it? Is it shared hosting?



Good Luck,

_Dan
Daniel Hall / XOOPS Module Development & Theme Design
Free XOOPS Support > My Wish List

5
martyras
Re: Site hacked!
  • 2005/8/10 19:17

  • martyras

  • Just popping in

  • Posts: 37

  • Since: 2004/11/1


From a company, shared hosting with linux.

Yes, I understand that but we haven't time to do an upgrade due to everyday news postings. So it is our fault.

Logs found. We will look them closely.

Thank you for helping on this.

6
hyperpod
Re: Site hacked!
  • 2005/8/10 19:46

  • hyperpod

  • Quite a regular

  • Posts: 359

  • Since: 2004/10/4


BTW- it looks like a nice site! :)

I just cannot get into it since I only speak english

But the design is very cool :)


Cheers,
Daniel Hall / XOOPS Module Development & Theme Design
Free XOOPS Support > My Wish List

7
Chappy
Re: Site hacked!
  • 2005/8/10 19:53

  • Chappy

  • Friend of XOOPS

  • Posts: 456

  • Since: 2002/12/14


It would also help to add a little description about what you mean by hacked - what happens?

You may also want to check out this thread for more information about some recent exploits - https://xoops.org/modules/newbb/viewto ... id=174079#forumpost174079
MMM...It tastes like chicken! ...

8
martyras
Re: Site hacked!
  • 2005/8/11 16:16

  • martyras

  • Just popping in

  • Posts: 37

  • Since: 2004/11/1


The problem was found with the help of the hosting company. It appeas that was an exploit at templates_c folder. When we deleted the files from within, the message went away. Is there a known patch for that? I haven't followed the forums for a while so I didn't know about any particular exploit.

@hyperpod
Thank you.

9
GIJOE
Re: Site hacked!
  • 2005/8/11 19:53

  • GIJOE

  • Quite a regular

  • Posts: 265

  • Since: 2003/8/13


Quote:

martyras wrote:
The problem was found with the help of the hosting company. It appeas that was an exploit at templates_c folder. When we deleted the files from within, the message went away. Is there a known patch for that? I haven't followed the forums for a while so I didn't know about any particular exploit.

templates_c ?
Perhaps, it's just a back-door put by the attacker.

Crackers can access your site as administrators quite easily, if you runs XOOPS < 2.0.9.2 without Protector.

To prevent another back-doors, you'd better install XOOPS cleanly after backing up.

Login

Username:
Password:

Lost Password? Register now!

Who's Online

66 user(s) are online (35 user(s) are browsing Support Forums)


Members: 0


Guests: 66


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: May 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits